<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html lang="en">
<head>
  <meta name="copyright" content=
  "Copyright (c) IBM Corporation and others 2008, 2011. This page is made available under license. For full details see the LEGAL in the documentation book that contains this page.">
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  <meta http-equiv="Content-Style-Type" content="text/css">
  <link rel="STYLESHEET" href="../book.css" charset="ISO-8859-1" type="text/css">
  <script language="JavaScript" src="PLUGINS_ROOT/org.eclipse.help/livehelp.js" type="text/javascript"></script>
  <title>Secure Storage</title>
</head>
<body bgcolor="#FFFFFF">
  <h1 class="Head">Secure Storage</h1>
  <p>The <a class="command-link" href=
  'javascript:executeCommand("org.eclipse.ui.window.preferences(preferencePageId=org.eclipse.equinox.security.ui.storage)")'>
  <img src="PLUGINS_ROOT/org.eclipse.help/command_link.svg" alt="command link"> <strong>General &gt; Security &gt;
  Secure Storage</strong></a> preference page is used to manage storage of encrypted information such as passwords.
  Typically you will have no reason to alter the preferences on this page. The options here are mostly for
  troubleshooting, and, to a lesser degree, for system administrators and power users.</p>
  <h2>Password options</h2>
  <p>The <b>Password</b> tab combines functionality related to the master password lifecycle and password
  providers.</p>
  <p>The <b>Clear Passwords</b> button clears cached master passwords from memory. This is analogous to logging out of
  the secure storage. Note that some password providers obtain credentials from the operating system automatically. To
  prevent them from doing so, you'll need to log out from the operating system account.</p>
  <p>The <b>Master password providers</b> section contains a list of currently available password providers. By
  default, the enabled provider with the highest priority is used to encrypt data added to secure storage. The priority
  range is from 0 to 10, with 10 being the highest. A password provider can be disabled it if malfunctions, or if you
  prefer a lower priority password provider.</p>
  <p>Note that data can only be decrypted by the same provider that encrypted the data. This means that changes to the
  list of the password providers affect only new entries. The password provider for existing entries can only be
  overwritten by the application storing the data.</p>
  <p>By default all password providers are enabled.</p>
  <p>Each password provider that has been used at least once will have a master password associated with it. Use the
  <b>Change Password...</b> button can to change the master password of the selected password provider.</p>
  <p>The <b>Recover Password...</b> button opens the password recovery dialog. Use this option if you have forgotten
  the master password and have configured password recovery questions. The button will be disabled if the password
  recovery setup was cancelled when the master password was created. Note that the answers for the password recovery
  questions have to be entered exactly as they were specified during the password recovery setup. Answers are
  case-sensitive and white space inside answers are significant.</p>
  <h2>Contents options</h2>
  <p>The <b>Contents</b> tab displays contents of the default secure storage.</p>
  <p>Secure storage is organized as a tree where nodes represent context of the information and values are associated
  with each node. Selecting a node in the tree will display a table of values associated with that node. Values stored
  in a non-encrypted form will be displayed; the encrypted values will be shown as "*********".</p>
  <p>At the bottom of this tab, you will find the actual file location used to persist secure storage data.</p>
  <p>To force changes to the contents of secure storage to be saved, click <b>Save</b>.</p>
  <p>To delete stored data to recover from an error or to reflect a change in the setup, click <b>Delete</b>. This will
  delete <b>all</b> of the contents of secure storage. In some cases, other parts of the application may depend on the
  contents of secure storage that you deleted. To avoid unexpected errors, it is highly recommended to restart the
  application after secure storage has been deleted.</p>
  <h2>Advanced options</h2>
  <p>The <b>Advanced</b> tab of the preferences page offers some extra tweaks to secure storage.</p>
  <p>The encryption algorithm used by secure storage can be modified from this page. The drop-down list displays the
  discovered algorithms that are provided by the Java virtual machine which are compatible with secure storage.</p>
  <p>Changes in the encryption algorithm are only applied to data stored after the change. If you have already created
  a secure storage it would have to be deleted and re-created to use the newly selected encryption algorithm.</p>
  <p>Note that the list of available algorithm might be different for different Java virtual machines and could be
  extended by providing custom algorithms using the Java security provider mechanism.</p>
  <h3 class="related">Related concepts</h3><a href="ref-securestorage-start.htm">Secure storage</a><br>
  <a href="ref-securestorage-works.htm">How secure storage works</a><br>
  <a href="ref-securestorage-recovery.htm">Password recovery</a><br>
  <a href="ref-securestorage-passwd.htm">Life of a master password</a>
  <h3 class="related">Related reference</h3><a href="ref-securestorage-options.htm">Secure storage runtime options</a>
</body>
</html>
